SD7 has a unique approach to assessments. We don’t just tell you whether you meet the standard – we help you prepare for the assessment and understand the requirements and their importance to your company. Listed below are some examples of the types of assessments we can help with. 


SD7 offers a comprehensive Health Information Portability and Accountability Act (HIPAA) Gap and final assessment process that covers both HiTech and Omnibus Acts along with all of the recent changes. SD7 staff supporting this have decades of expertise in the HIPAA venue both as assessors and designing HIPAA compliant practices for companies.


SD7 helps its clients meet the requirements of all standards published by the PCI Security Standards Council. SD7 is approved by the PCI Security Council to perform assessments under these standards such as PCI-DSS and SSF assessments.  SD7 also provides consulting on how to prepare to meet these other related standards.

ISO 27001

SD7 performs assessments for compliance with international ISO 27001 standard. This standard provides a framework for implementation of an Information Security Management System (ISMS), and SD7 has extensive experience in designing and assessing control implementations.


SD7 offers individualized consulting on how businesses can ensure the safety and privacy of their customers’ data and receive SOC2 certification and compliance. SOC2 applies to any company or service provider that handles or stores customer data.


General Data Protection Regulation is a standard created by the European Union to help citizens and companies have more control over their personal data. SD7 works with businesses to achieve compliance with these regulations.


SD7 offers Federal Information Security Act independent testing, assessment and consulting services to assist your organization in meeting specific security control requirements. FISMA requires that all systems and applications that reside on U.S. Government networks undergo a formal security assessment. SD7 will work with your organization to achieve System Authorization.

If you don’t see the assessment you are looking for or are not sure what you might need, contact us!